A Publish/Subscribe Framework: Push Technology in E-Commerce
BNCOD 17 Proceedings of the 17th British National Conferenc on Databases: Advances in Databases
Organizational Management in Workflow Applications – Issues and Perspectives
Information Technology and Management
International Journal of Computer Integrated Manufacturing
Information systems resources and information security
Information Systems Frontiers
Hi-index | 0.00 |
Role-based access control (RBAC) provides flexibility to security management over the traditional approach of using user and group identifiers. In RBAC, access privileges are given to roles rather than to individual users. Users acquire the corresponding permissions when playing different roles. Roles can be defined simply as a label, but such an approach lacks the support to allow users to automatically change roles under different contexts. In E-commerce access to shared resources has to be controlled in the context of the entire business process; it is therefore necessary to model dynamic roles as a function of resource attributes and contextual information. In this paper, an object-oriented organizational model, OMM, is presented as an underlying framework to support dynamic role. The paper describes the OMM reference model and shows how it can be applied flexibly to capture the different classes of resources within a corporation, and to maintain the complex and dynamic role relationships between the resource objects. Administrative tools use OMM to define security policies for role definition and role assignment. At runtime, the resource manager queries OMM to authorize any access attempts.